Get a Clue About IT Security Analysis - SIEM 101

Everyone in IT knows that security is a big deal, but did you know that SIEM (security information and event management) can help protect your network from data breaches, even when traditional defenses fail?

If SIEM is a mystery to you, let's grab Colonel Mustard and the candlestick and head to the library, because this mystery is about to be solved. We'll be giving out more than just clues in this webinar: you'll discover explanations of security concepts, tools, tips and tricks as we unravel the mystery of how to better protect your network. Bring your magnifying glass, because you’ll also learn about event correlation, EPS, normalization and other things that will surely impress your friends.

Learn from our chief gumshoe and noted SIEM Enthusiast Joe Schreiber. He’ll explain the reasons that SIEM exists, how it works, and most importantly - what you can do with it.

While malware has been a thorn in the side of IT pros for years, some of the recent variants observed by the AlienVault Labs security research team, like Mirai, have turned our own Internet of Things (IoT) devices into weapons against us. Join us for a live demo to learn about the most common types of malware, and how you can detect infections quickly with AlienVault USM.
In this demo, we'll cover:
- Common types of malware (viruses, worms, Trojans/RATs, rootkits, and more)
- How new variants propagate while evading preventative security measures
- Signature versus anomaly detection (and why both are important)
- What to do when you detect malware activity on your network
- How USM can help identify malware infections so you can take action quickly

Brute force attacks are relatively simple for attackers to implement and they can wreak havoc on your organization if you don’t detect them and shut them down quickly. Join us for a live demo, where we’ll demonstrate a brute force attack (simulated, of course!) and show how AlienVault USM can help you detect and investigate these types of attacks.
You'll learn:
- How attackers can use brute force attacks to gain access to your network
- Measures you can take to better secure your environment to detect and prevent these attacks
- How AlienVault USM alerts you immediately of brute force attack attempts
- How to use AlienVault USM to investigate an attack and identify compromised assets

The healthcare industry is one of the top targets for ransomware attacks, and the US Dept. of Health and Human Services Office for Civil Rights (OCR) has now stated that ransomware incidents should be treated the same way as other data breaches under the Health Insurance Portability and Accountability Act (HIPAA) unless there is substantial evidence to the contrary.

In this webinar, we'll discuss:
- Why the OCR guidelines are important
- Why attackers are going after healthcare firms
- How to detect a ransomware attack
- Steps you can take to protect your organization

Over the past 10 years, IT managed services have become universally available, moving from a luxury to more of a must-have. Building on this notion of IT as a service, more companies are recognizing the need for a comprehensive security posture but may lack the ability or desire to manage it in-house. This leaves the door open as to who will provide this security as a service.

Join us as we explore one partner’s journey from managed services to managed security. Dataprise has been a leading provider of IT managed services for over a decade and now offers a complete managed security service.

During this webcast, we’ll get an inside look into:

- The basics of becoming an MSSP
- Tools MSSPs use to build their service
- Common challenges in creating a managed security service

Demonstrating compliance with the new PCI DSS 3.2 is far from a trivial exercise. Those 12 requirements often translate into a lot of manual and labor-intensive tasks, along with the need to access data and reports from many different systems and tools. Join us for this technical demo to learn how AlienVault can simplify PCI DSS compliance and improve your overall security posture.

In this interview with Dark Reading at Black Hat 2016, Brian Gillooly and Roger Thornton discuss the latest update to AlienVault's threat sharing community of over twenty thousand users, Open Threat Exchange (OTX).

There's always a need to stop bad stuff from coming in, but it's important to remember that those inside the firewall can pose an even bigger risk to your network security. Whether it's unsuspecting users clicking on phishing e-mails, someone running BitTorrent in your datacenter, or a truly malicious user out to sabotage the network, insider threats can really keep you up at night.

Join us for this technical demo showing how USM can help you detect:
- Malware infections on end-user machines
- Connection of USB storage drives to network assets
- Insiders misusing network resources
- Suspicious user activity

By now you've probably heard about new ransomware threats like CryptoWall, which encrypts your data and demands payment to unlock it. These threats are delivered via malicious email attachments or websites, and once they execute and connect to an external command and control server, they start to encrypt files throughout your network. Therefore, spotting infections quickly can limit the damage.

AlienVault USM uses several built-in security controls working in unison to detect ransomware like CryptoWall, usually as soon as it attempts to connect to the hackers’ command and control server. How does it all work? Join us for a live demo that will show how AlienVault USM detects these threats quickly, saving you valuable clean up time by limiting the damage from the attack.
You'll learn:
- How AlienVault USM detects communications with the command and control server
- How the behavior is correlated with other signs of trouble to alert you of the threat
- Immediate steps you need to take to stop the threat and limit the damage

The Security Operations Center, or SOC, is the command center for security monitoring and incident response. You’ve seen them in the news, the movies, even on TV. But what really happens on the inside?
Back by popular demand, join us for Part 2 of our "A Day Inside a SOC" series, where we'll dive into:
- Routines: How they are affected by shifts, roles and tooling
- Roles: What other skillsets and professions are found in SOCs
- SOC and Analyst layouts: More details on screens and their origins
- Investigations: What they were before SIEM, after SIEM and with AlienVault USM
Whether you are a "one-man SOC" or part of a team, you'll come away with practical tips to improve threat detection and response.

Host-based intrusion detection systems (HIDS) work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM integrates HIDS with other key security controls to help you get the most out of host-based monitoring, including:
- Analyzing system behavior and configuration status to track user access and activity
- Detecting system compromise, modification of critical configuration files (e.g. registry settings, /etc/passwd), common rootkits, and rogue processes
- Correlating HIDS data with known IP reputation, vulnerability scans and more
- Logging and reporting for PCI compliance

As malware becomes more commercialized, attackers are leveraging the same attack kits again and again. Threat intelligence offers the ability to detect attacks carried out using methods previously reported by others, but only if it can be effectively integrated into security controls and processes. For IT security teams considering integrating threat intelligence, what are the first steps to get started?
Join AlienVault for this practical session covering:
- How to evaluate threat intelligence sources
- How to get started with threat intelligence
- How to simplify the integration of threat intelligence into your daily operations
- Practical use cases for mid-market organizations

SOCs, or Security Operations Centers: you’ve seen them in the news, the movies, even on TV. But what really happens on the inside? What are they showing on those screens when the cameras aren’t rolling? If you think it’s all about the screens and even more screens, you only know half the story. In this webinar you’ll get to know what SOC analysts actually do on a daily basis when they aren’t browsing Reddit or cursing the existence of Flash.
Join this webinar to learn:
- What happens in a SOC on a typical day, when there aren’t “incidents”
- Roles, responsibilities and skillsets of successful SOC teams
- Why teamwork is essential to a SOC
We'll finish up with a demo of AlienVault USM to show how it can help SOC analysts speed up threat detection and incident response.

The fun with IDS doesn't stop after installation; in fact, that's really where the fun starts. Join our panel of IDS experts for an educational discussion that will help you make sense of your IDS data, starting from Day 1. We will discuss signature manipulation, event output and the three "P's" - policy, procedure and process. We won't stop there either! You will find out the meaning behind the terms all the cool kids are using like "False Positives" and "Baselining". We'll round it out with more information about how IDS interacts with the rest of your IT applications and infrastructure. If you installed an IDS and are wondering what to do next, then sign up now!

Demonstrating compliance with PCI DSS is far from a trivial exercise. Those 12 requirements often translate into a lot of manual and labor-intensive tasks, along with the need to access data and reports from many different systems and tools. Join us for this technical demo to learn how AlienVault can simplify PCI DSS compliance and improve your overall security posture.

While malware has been a thorn in the side of IT pros for years, some of the recent variants observed by the AlienVault Labs security research team, like CoreBot, have the ability to modify themselves on the fly, making them nearly impossible to detect with traditional preventative security measures. Join us for a live demo to learn about the most common types of malware, and how you can detect infections quickly with AlienVault USM.

In this demo, we'll cover:
- Common types of malware (viruses, worms, Trojans/RATs, rootkits, and more)
- How new variants propagate while evading preventative security measures
- Signature versus anomaly detection (and why both are important)
- What to do when you detect malware activity on your network
- How USM can help identify malware infections so you can take action quickly